may be monitored, if it is determined that the 
packet was sourced by a client device belonging 
to the group of client devices. 



In accordance with 37 C.F.R. § 1.121(c)(1)(ii), 
separate sheets with the rewritten claims marked-up to show 
the changes made to the previous version of the claims, are 
filed herewith. 



REMARKS 



In view of the following remarks, the applicants 
respectfully submit that the pending claims are not 
rendered obvious under 35 U.S.C. § 103. Accordingly, it is 
believed that this application is in condition for 
allowance. If, however, the Examiner believes that there 
are any unresolved issues, or believes that some or all of 
the claims are not in condition for allowance, the 
applicants respectfully request that the Examiner contact 
the undersigned to schedule a telephone Examiner Interview 
before any further actions on the merits. 

The applicants will now address each of the issues 
raised in the outstanding Office Action. 



Rejections under 35 U.S.C. § 103 



Claims 1-13, 15-25 and 28-31 stand rejected under 35 
U.S.C. § 103(a) as being unpatentable over U.S. Patent No. 
6,035,405 ("the Gage patent") in view of U.S. Patent No. 
5,946,313 ("the Allan patent"). The applicants 
respectfully request that the Examiner reconsider and 
withdraw this ground of rejection in view of the following. 
None of independent claims 1, 5, 9, 13 and 15 are 
rendered obvious by the Gage and Allan patents because (i) 
these patents, either taken alone or in combination, fail 
to teach or suggest, for packets sourced from a number of 
client devices, replacing at least a part of a layer 2 
header with a unique bit string that is independent of the 
contents of the received packets, and (ii) one skilled in 
the art would not have been motivated to combine the 
references as proposed by the Examiner. 

In addition, independent claims 1 and 13 are not 
rendered obvious by the Gage and Allan patents because 
these patents neither teach, nor suggest, determining 
whether or not a packet is entitled to access a particular 
service using at least a portion of the unique bit string. 
In addition, independent claim 5 is not rendered obvious by 
the Gage and Allan patents because these patents neither 
teach, nor suggest, determining a service level to which a 
packet is entitled using at least a portion of the unique 
bit string. Finally, in addition, independent claims 9 and 
15 are not rendered obvious by the Gage and Allan patents 
because these patents neither teach, nor suggest, 
forwarding a copy of a packet determined to belong to a 
group of client devices to a monitoring facility which 
monitors (a) the service provided to a group of customers 
and/or (b) security. Each of independent claims 1, 5, 9, 
13 and 15 are reprinted below with these features depicted 
in bold typeface: 



1. A method for provisioning services 
to packets sourced from a number of 
client devices, each of the packets 
having at least a part of a layer 2 
header replaced with a unique bit 
string that is independent of the 
contents of the received packets, the 
method comprising: 

a) determining whether or not the 
packet is entitled to access a 
particular service using at least 
a portion of the unique bit 
string; and 

b) if it is determined that the 
packet is entitled to access the 
particular service, then routing 
the packet. [Emphasis added.] 



5. A method for providing various 
quality of service levels to packets 
sourced from a number of client 
devices, each of the packets having at 
least a part of a layer 2 header 
replaced with a unique bit string that 
is independent of the contents of the 
packets, the method comprising: 

a) determining a service level to 
which the packet is entitled using at 
least a portion of the unique bit 
string; and 

b) forwarding the packet to a queue 
associated with the service level 
determined. [Emphasis added.] 



9. A method for monitoring packets 
sourced from a group of client devices 
defining a subset of client devices, 
each of the packets having at least a 
part of a layer 2 header replaced with 
a unique bit string, the method 
comprising: 

a) determining whether or not the 
packet belongs to the group of 
client devices using at least a 
portion of at least one of the 
unique bit string; and 

b) if it is determined that the 
packet does belong to the group of 
client devices, then 

i) copying the packet to 
generate a duplicate packet, 
and 
ii) forwarding the duplicate 
packet to a monitoring 
facility, wherein the 
monitoring facility monitors 
at least one of (A) service 
provided to a group of 
customers and (B) security. 
[Emphasis added.] 



13. An apparatus for provisioning 
services to packets sourced from a 
number of client devices, each of the 
packets having at least a part of a 
layer 2 header replaced with a unique 
bit string, the apparatus comprising: 

a) an access control list; and 

b) an access controller, the 
access controller including 

i) means for determining 
whether or not the packet is 
entitled to access a 
particular service using 

A) contents of the 
access control list, and 

B) at least a portion 
of the unique bit 
string, and 

ii) means for routing the 
packet if it is determined 
that the packet is entitled 
to access the particular 
service. [Emphasis added.] 

15. An apparatus for monitoring 
packets sourced from a group of client 
devices defining a subset of client 
devices, each of the packets having at 
least a part of a layer 2 header 
replaced with a unique bit string, the 
apparatus comprising: 

a) a monitoring port for 
accepting packets of the group of 
client devices to be monitored; 

b) means determining whether or 
not an accepted packet belongs to 
the group of client devices using 
at least a portion of the unique 
bit string; and 
c) means for 

i) copying the accepted 
packet to generate a 
duplicate packet, and 

ii) forwarding the duplicate 
packet to the monitoring port 
so that at least one of (A) 
service to a group of 
customers and (B) security, 
may be monitored, if it is 
determined that the packet 
was sourced by a client 
device belonging to the group 
of client devices. [Emphasis 
added.] 

First, none of independent claims 1, 5, 9, 13 and 15 
are rendered obvious by the Gage and Allan patents because 
these patents, either taken alone or in combination, fail 
to teach or suggest, for packets sourced from a number of 
client devices, replacing at least a part of a layer 2 
header with a unique bit string that is independent of the 
contents of the received packets. The Examiner concedes 
that the Gage patent does not teach this feature, but 
argues that the Allan patent discloses this feature. More 
specifically, the Examiner argues that in the Allan patent: 



each of the packets [has] at least a 
part of a layer 2 header (MAC address, 
DA 28 or SA 30, fig. 2) replaced 
(inserted) with a unique bit string 
(unique MAC OUI) that is independent of 
a layer 2 destination address 28 (as 
the unique MAC OUI is in SA 42) {col. 7, 
lines 12-20; col. 8, lines 56-58}. 

Paper No. 14, page 3. This is not an accurate 
representation of the Allan patent. 
In the Allan patent, ATM cells from an ATM network 
(23) can be converted into an Ethernet frame for use on an 
Ethernet LAN (25). Figures 3A and 6A illustrate such a 
conversion. Conversely, an Ethernet frame from an Ethernet 
LAN (25) can be converted into ATM cells for use on an ATM 
network (23). Figures 3B and 6B illustrate such a 
conversion. In either case, part of the layer 2 header is 
not replaced with a unique bit string. Rather, information 
(e.g., an ATM Organizationally Unique Identifier ("OUI"), 
ATM Virtual Path Identifier ("VPI"), ATM Virtual Channel 
Identifier ("VCI")) is merely inserted into the layer 2 
header of a newly generated packet or frame -- it does not 
"replace" information in existing packets as recited in the 
claims. "Replace" as used in the claims has its ordinary 
meaning of "to take the place of" since there is already an 
existing packet with an existing layer 2 header. This is 
different from the Allan patent which inserts information 
in a newly generated Ethernet frame. More specifically, 
the Allan patent states: 

an end station 39, 39', 39'' generates 
an outgoing frame 3 , with the 
destination MAC indicating the ATM OUI 
address of E-MUX 21, rather than the 
address of another end station in the 
Ethernet network 25. 

Column 8, lines 21-25. To reiterate, information 
originally in a header is not being replaced -- it is not 
used in the first place and therefore cannot be replaced. 
Accordingly, independent claims 1, 5, 9, 13 and 15 are not 
rendered obvious by the Gage and Allan patents for at least 
this reason. Since claims 2-4, 16, 17 and 31 depend from 
claim 1, since claims 6-8, 18 and 19 depend from claim 5, 
since claims 10-12 and 20-22 depend from claim 9, since 
claims 23-25 depend from claim 13 and since claims 28-30 
depend from claim 15, these dependent claims are similarly 
not rendered obvious by the Gage and Allan patents. 

Second, none of independent claims 1, 5, 9, 13 and 15 
are rendered obvious by the Gage and Allan patents because 
one skilled in the art would not have been motivated to 
combine the references as proposed by the Examiner. The 
Examiner contends that the Gage patent discloses 
determining whether or not a packet is entitled to access a 
particular service using at least a portion of a unique bit 
string, and more specifically that the Gage patent 
discloses defining membership in a VLAN using a unique 48 
bit MAC address. (See Paper No. 14, page 2.) The Examiner 
further contends that it would have been obvious to use an 
ATM OUI in a MAC source address as taught by Allan in the 
system of Gage to inform the network LAN 25 whether or not 
a source (incoming packet) is registered. One skilled in 
the art would not have been motivated to combine these 
teachings as proposed by the Examiner for at least the 
following two reasons. 

First, although the Gage patent discloses that 
security may be based on (i) a shared broadcast/multicast 
address, (ii) an access port identifier, (iii) a MAC source 
address, or (iv) an IP address, it expressly teaches away 
from using such measures for security, and instead proposes 
using an authentication server (AS) to "test" a newly 
connected end station. (See, e.g., column 2, lines 27-43 
and column 5, lines 21-38.) More specifically, with regard 
to using a shared broadcast/multicast address for security, 
the Gage patent states, "A serious flaw in this approach is 
that end stations can join a VLAN with little or no 
authentication by the network". Column 1, lines 39-41. 
With regard to using an access port identifier, the Gage 
patent states: 



this does not prevent an intruder from 
disconnecting a legitimate end station 
and connecting an illegitimate one to 
the same physical port. Once 
connected, the illegitimate end station 
has access to possibly confidential 
information circulating within the 
VLAN. 

Column 1, lines 48-53. With regard to using a MAC address 
for security, the Gage patent states: 



Unfortunately, this does not prevent an 
intruder from connecting an 
illegitimate end station to the network 
and inserting the MAC address of a 
legitimate end station into its data 
packets. Having successfully 
"emulated" a legitimate end station, 
the illegitimate end station gains 
access to restricted information being 
communicated in the VLAN. 

Column 1, lines 62-67. Finally, with regard to using an IP 
address for security, the Gage patent states: 



The IP address and user name act 
similarly to the MAC address, and 
again, by inserting the identity of a 
legitimate end station into its data 
packets, an illegitimate end station 
can gain access to restricted data. 



Column 2, lines 3-7. 
As can be appreciated from the foregoing, the Gage 
patent clearly and strongly teaches away from using packet 
information for security. Indeed, this is the reason the 
Gage patent proposes using an authentication server to 
administer a key-based challenge-response test, passwords, 
synchronized security cards, voice printing, or 
fingerprinting. (See, e.g., column 5, lines 21-38.) 
Accordingly, independent claims 1, 5, 9, 13 and 15 are not 
rendered obvious by the Gage and Allan patents for at least 
this additional reason. Since claims 2-4, 16, 17 and 31 
depend from claim 1, since claims 6-8, 18 and 19 depend 
from claim 5, since claims 10-12 and 20-22 depend from 
claim 9, since claims 23-25 depend from claim 13 and since 
claims 28-30 depend from claim 15, these dependent claims 
are similarly not rendered obvious by the Gage and Allan 
patents. 

Second, in the Allan patent, the ATM OUI in a MAC 
source address is not used to determine whether or not a 
source (incoming packet) has access to a service, is 
entitled to a service level, etc. Although the ATM OUI 
field "informs LAN 25 that traffic is coming from a source 
not registered to it, so as to treat it accordingly . . . 
this permits the ATM traffic to coexist with traditionally 
address Ethernet traffic" (Column 7, lines 16-20), and is 
not described as being used for security. Accordingly, 
independent claims 1, 5, 9, 13 and 15 are not rendered 
obvious by the Gage and Allan patents for at least this 
additional reason. Since claims 2-4, 16, 17 and 31 depend 
from claim 1, since claims 6-8, 18 and 19 depend from claim 
5, since claims 10-12 and 20-22 depend from claim 9, since 
claims 23-25 depend from claim 13 and since claims 28-30 
depend from claim 15, these dependent claims are similarly 
not rendered obvious by the Gage and Allan patents. 

Further, independent claims 1 and 13 are not rendered 
obvious by the Gage and Allan patents because these patents 
neither teach, nor suggest, determining whether or not a 
packet is entitled to access a particular service using at 
least a portion of the unique bit string. Even if the 
Examiner's contentions were true, all that would be taught 
would be whether or not a packet came from an ATM network. 
Thus, claims 1 and 13 are not rendered obvious by the Gage 
and Allan patents for yet another reason. Since claims 
2-4, 16, 17 and 31 depend from claim 1, and since claims 
23-25 depend from claim 13, these claims are similarly not 
rendered obvious by the Gage and Allan patents. 

Further, independent claim 5 is not rendered obvious 
by the Gage and Allan patents because these patents neither 
teach, nor suggest, determining a service level to which a 
packet is entitled using at least a portion of the unique 
bit string. Even if the Examiner's contentions were true, 
all that would be taught would be whether or not a packet came 
from an ATM network. Thus, claim 5 is not rendered obvious 
by the Gage and Allan patents for yet another reason. Since 
claims 6-8, 18 and 19 depend from claim 5, these dependent 
claims are similarly not rendered obvious by the Gage and 
Allan patents. 

Finally, in addition, independent claims 9 and 15 are 
not rendered obvious by the Gage and Allan patents because 
these patents neither teach, nor suggest, forwarding a copy 
of a packet determined to belong to a group of client 
devices to a monitoring facility that monitors (a) the 
service provided to a group of customers and/or 
(b) security. The Examiner alleges that a multicast packet 
inherently duplicates a packet and that sending a packet to 
an end station teaches sending it to a monitoring facility. 
(Paper No. 14, page 3 and 4.) Monitoring, as used in the 
specification, refers to monitoring a service provided to a 
group of customers or monitoring security. These claims 
have been amended to more clearly distinguish them over 
merely sending a multicast packet to a destination. 

Claims 14, 26 and 27 stand rejected under 35 U.S.C. 
§ 103(a) as being unpatentable over the Gage patent in view 
of the Allan patent and further in view of U.S. Patent No. 
6,104,700 ("the Haddock patent"). The applicants 
respectfully request that the Examiner reconsider and 
withdraw this ground of rejection in view of the following. 

Independent claim 14 is not rendered obvious by the 
Gage, Allan and Haddock patents because (i) these patents, 
either taken alone or in combination, fail to teach or 
suggest, means for determining a service level to which the 
packet is entitled using (A) contents of the service level 
list, and (B) at least a portion of the unique bit string, 
and (ii) one skilled in the art would not have been 
motivated to combine these patents as proposed by the 
Examiner. Claim 14 is reprinted with these features 
depicted in bold typeface: 



14. An apparatus for providing various 
service levels to packets sourced from 
a number of client devices, each of the 
packets having at least a part of a 
layer 2 header replaced with a unique 
bit string that is independent of 
contents of the packets, the apparatus 
comprising: 

a) a plurality of queues, each of the 
plurality of queues associated with a 
particular service level; 

b) a service level list; and 
c) a service level controller, the 
service level controller including 

i) means for determining a 
service level to which the packet 
is entitled using 

A) contents of the service 
level list, and 

B) at least a portion of the 
unique bit string, and 

ii) means for forwarding the 
packet to the one of the plurality 
of queues associated with the 
quality of service level 
determined. [Emphasis added.] 

The Examiner contends that the Haddock patent teaches 
a forwarding device which determines quality of service 
levels based on a packet's IP (layer 3) address or its MAC 
(layer 2) address, and buffering the packet in a QoS queue 
associated with the determined QoS level. The Examiner 
then concludes that it would have been obvious to apply 
Haddock's teaching to a combined Gage and Allan patent 
system to provide quality of service for various QoS 
levels. Even assuming, arguendo, that this is true, the 
teaching of the Haddock patent that QoS determinations can 
be made based on a MAC address does not teach making such a 
determination based on a unique bit string that is 
independent of the packet contents, and that replaced at 
least a part of the layer 2 header as recited in claim 14. 
Thus, independent claim 14 is not rendered obvious by the 
Gage, Allan and Haddock patents for at least this 
additional reason. Since claims 26 and 27 depend from 
claim 14, they are similarly not rendered obvious by these 
patents. 

Second, one skilled in the art would not have been 
motivated to combine the purported teachings of the Gage 
and Allan patents for the reasons stated above, and 
therefore would not have been motivated to combine the 
Gage, Allan and Haddock patents. 

Conclusion 

In view of the foregoing amendments and remarks, 
the applicants respectfully submit that the pending claims 
are in condition for allowance. Accordingly, the 
applicants request that the Examiner pass this application 
to issue. 



Respectfully submitted. 
SEPARATE SHEETS WITH MARKED-UP VERSION OF CLAIMS PER 37 
C.F.R. § 1.121(c)(1)(ii) 



Claim 9 has been amended as follows: 



9. (TWICE AMENDED) A method for monitoring packets 
sourced from a group of client devices defining a subset of 
client devices, each of the packets having at least a part 
of a layer 2 header replaced with a unique bit string, the 
method comprising: 

a) determining whether or not the packet belongs to 
the group of client devices using at least a portion 
of at least one of the unique bit string; and 

b) if it is determined that the packet does belong to 
the group of client devices, then 

i) copying the packet to generate a duplicate 
packet, and 

ii) forwarding the duplicate packet to a 
monitoring facility, wherein the monitoring 
facility monitors at least one of (A) service 
provided to a group of customers and (B) 
security. 



Claim 15 has been amended as follows: 



15. (TWICE AMENDED) An apparatus for monitoring packets 
sourced from a group of client devices defining a subset of 
client devices, each of the packets having at least a part 
of a layer 2 header replaced with a unique bit string, the 
apparatus comprising: 

a) a monitoring port for accepting packets of the 
group of client devices to be monitored; 

b) means determining whether or not an accepted 
packet belongs to the group of client devices using at 
least a portion of the unique bit string; and 

c) means for 

i) copying the accepted packet to generate a 
duplicate packet, and 

ii) forwarding the duplicate packet to the 
monitoring port so that at least one of (A) 
service to a group of customers and (B) security, 
may be monitored, if it is determined that the 
packet was sourced by a client device belonging 
to the group of client devices. 